Vulnerabilities > Opera

DATE CVE VULNERABILITY TITLE RISK
2004-04-15 CVE-2003-0593 Path Traversal vulnerability in Opera Browser
Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g.
network
low complexity
opera CWE-22
7.5
2004-02-11 CVE-2004-2083 Unspecified vulnerability in Opera Browser
Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."
network
high complexity
opera
2.6
2003-12-31 CVE-2003-1561 Information Disclosure vulnerability in Opera
Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
network
opera
4.3
2003-12-31 CVE-2003-1420 Cross-site Scripting vulnerability in Opera Browser
Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header.
network
opera CWE-79
4.3
2003-12-31 CVE-2003-1397 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Opera Browser 6.05/7.0/7.01
The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method.
network
opera CWE-119
4.3
2003-12-31 CVE-2003-1396 Out-of-bounds Write vulnerability in Opera Browser
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.
network
opera CWE-787
6.8
2003-12-31 CVE-2003-1388 Classic Buffer Overflow vulnerability in Opera Browser 7.02
Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension.
network
opera CWE-120
critical
9.3
2003-12-31 CVE-2003-1387 Classic Buffer Overflow vulnerability in Opera Browser 6.05/6.06/7.0
Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username.
network
low complexity
opera CWE-120
7.5
2003-11-17 CVE-2003-0870 Out-of-bounds Write vulnerability in Opera Browser 7.11/7.20
Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.
network
low complexity
opera CWE-787
7.5